Digital contents distribution services are becoming popular. In the services, digital contents being digital works such as music and movies are digitally distributed to a recording device (e.g. a KIOSK terminal and a personal computer) over a network, the distributed digital contents are stored in a storage medium device by using the recording device, and the stored digital contents are played back by a playback device (e.g. a music player and a portable terminal for displaying videos).
In this case, in order to protect rights of copyright owners of the digital contents, technology is required to prevent the digital contents having been stored in the storage medium device from being copied to another storage medium device and played back.
According to Patent Literature 1, in a storage medium device, a medium unique number that is unique to the storage medium and unrewritable is stored. A licenser side generates a medium unique key based on the medium unique number stored in the storage medium, encrypts a decryption key for decrypting encrypted data with the generated medium unique key, and writes the encrypted decryption key to the storage medium as license information. A user side reads the medium unique number from the storage medium, generates the medium unique key based on the read medium unique number, generates the decryption key by decrypting the encrypted decryption key being the license information with the generated medium unique key, and generates plaintext digital data by decrypting the encrypted data with the generated decryption key.
According to this technology, even if an attempt is made to copy the encrypted data and the license information stored in the authorized storage medium device to the other unauthorized storage medium device, and decrypt the encrypted data copied to the unauthorized storage medium device, the copied encrypted data cannot be properly decrypted. This is because, since the medium unique number stored in the authorized storage medium device cannot be copied to the unauthorized storage medium device, the medium unique number stored in the authorized storage medium device cannot be obtained from the unauthorized storage medium device, and thus the encrypted decryption key being the license information cannot be properly decrypted. As a result, it is impossible to properly decrypt the encrypted data.
Meanwhile, card makers that sell storage medium devices purchase parts such as controllers and flash memories from parts makers, and put them together to manufacture storage medium devices. Then, the card makers sell the storage medium devices after embedding the information such as the medium unique information and the medium unique key described above, which is required for the copyright protection on the contents, into the assembled storage medium devices. Thus, the uniqueness and the security of the medium unique information and the medium unique key are ensured only by the card makers.